mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-24 02:35:41 +00:00
c7963e7731
Changes the semantics of the security.sandbox.content.level pref on OS X with respect to file access to the user's home directory. With the fix, Nightly defaults to 2 while other releases will default to 1. The level values now have the following meaning. *) security.sandbox.content.level=0 disables content process sandboxing. No change here. *) security.sandbox.content.level=1 blocks write access to the majority of the home directory. *) security.sandbox.content.level=2 includes the write access blocking in level 1, but also blocks both read and write access to ~/Library and $PROFILE excluding the extensions and weave subdirectories. Prior to this fix, Nightly defaulted to a value of 1 while all other releases used 0. The value of 1 meant that read/write access to ~/Library and the $PROFILE dir (excluding $PROFILE/{extensions,weave}) was prevented. The strength of a level=1 sandbox is reduced by this with fix, but level=1 becomes the first ride-the-trains content sandbox candidate, Nightly changes to level=2, and higher levels still indicate a more restrictive sandbox. MozReview-Commit-ID: 7NJAe24T4pU --HG-- extra : rebase_source : 8cb5ea82004ad631fe688bafffa9dc9979568679 |
||
---|---|---|
.. | ||
macbuild/Contents | ||
profile | ||
blocklist.xml | ||
firefox.exe.manifest | ||
macversion.py | ||
Makefile.in | ||
module.ver | ||
moz.build | ||
nsBrowserApp.cpp | ||
permissions | ||
splash.rc |